Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Avaaz, is this for real?

EI8FDB ei8fdb at ei8fdb.org
Fri May 4 10:18:08 PDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

While it is a small detail its important - DDoS attacks are mounted in a different way to a DoS attack. From the vague wording on the Avaaz site it sounds like a DDoS attack, but since there is no evidence it is not possible to make 

The wording of the article on Avaaz website is very non-descript and frankly very smoke and mirrors:

"under massive attack"
"is likely coming from a government or large corporation"
"massive, simultaneous and sophisticated assaults from across the world to take down our site"
"top-notch security, our site is still up, but it's not enough"
"take our security to the next level"

Surely the security expert would want to detail the attack. A comparison to articles from organisations and companies such as Opennet and Renesys show to difference in detail given.

Bernard

On 4 May 2012, at 18:00, Steve Weis wrote:

> Hello Andrew. Your article asserts that this attack is happening as fact, yet you say that Avaaz did not provide any additional information. Which sources and evidence did you base your article on besides Avaaz's own press release?
> 
> Claims of a "massive attack" are easy to confirm. Avaaz should be able to provide detailed logs of the attack, which can be verified by an independent security professional and corroborated by their hosting providers.
> 
> If this does turn out to be a targeted denial of service attack, that certainly doesn't take real expertise or significant resources -- it's cheap to rent a botnet. It's a big leap to claim that a state actor or large corporation must be behind it.
> 
> On Fri, May 4, 2012 at 9:18 AM, Andrew Couts <andrew_couts at yahoo.com> wrote:
> Hi - I'm the author of that Digital Trends article. I have repeatedly asked Avaaz for more information about the attack, and they have either said "We'll know more soon," or completely ignored me. I believe there is simply not enough information available yet to make accusations of fraud in the press. But I am doing my best to get answers about exactly this. I'll send out an update if they respond.
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech

=====
Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJPpA9RAAoJENsz1IO7MIrrl58H/iqcwKikH/ZFSM9biFQvEORX
cFmKaS7typuaswd/65pzOfRQxpSVyJiOfmb5ywnxAiiM7sDcv+ZGAzoEnYep+sM3
bTmGnN9e+JGJBsU9UYuI96+omBT2krD1aGtaLB3OcsefXZb9DCmfHb32H8j4e5zV
cTWAV9sGItNCtnv83OgtPaFNxY6QYOUOm2SIp8dAWEHy7sdsVVnOx2ktpM2NGfWU
8GH3Tr3DPUJdgv39WaGQO4M9ozZ9kJE8YiuPEIoVTJ5tU+IAh5sIGE5mZyZPbD5c
DrLeIrquaoiOVlFr9LF62BBlChLVtDlSL12q14YTARg0hSUWxpvUyzjqhF4UGNs=
=OJtd
-----END PGP SIGNATURE-----



More information about the liberationtech mailing list